Golden Rules - Member Privacy and Company Confidentiality

Introduction to this Review Course

 

This review course intends to ensure that all Airtasker Support members are fully aware of the golden rules which we all must observe while attending to each ticket case.

The module specifically covers the following critical quality attributes:

          A. Member Privacy and Confidentiality

          B. Company Privacy and Confidentiality

    

By now, you should have finished the Knowledge Check.

On the succeeding pages, the same scenario tests have been laid out with self-corrections. If you are able to select the correct answer, give yourself a pat, you are doing the golden things on your ticketing. However, if you have selected a wrong answer, don't feel too bad -- this is why we have this review course to rectify the grey areas for you as early as now. If you have selected an incorrect answer, there will be a pop-up explanation until you get to the correct response.

When you have completed the scenario tests, you will be asked to complete a sign-off of your full understanding as well as your feedback of this learning material.

If you have any question, feel free to approach your QA Specialist or Trainer.

Way to go, Airsupport!

Member Privacy and Company Confidentiality Module

Learning objective

At Airtasker, it is necessary to meet and exceed the expectations of our members and doing the right things right every time will  ensure positive Airtasker experience across the platform, the critical quality attributes is at the forefront of which.

A. Member Privacy and Confidentiality

Rule #1: 

We are not supposed to give out any private information of our members to anyone, even to them without being 100% sure that they are who they say they are.

Scenario Test A1

The situation:

Poster Andrea has contacted us saying that the task wasn't completed to requirements by Worker Removalist B, when you searched through zendesk, you have come across a new ticket from the Worker. However,  you have accidentally merged the Poster's ticket to that of the Worker's. What should you do now?

  • A. Never mind the Poster's closed ticket due to merging and just respond to Worker's query on the merged into ticket.
  • B. Close off the merged into ticket, and take no further action.
  • C. Close off the merged into ticket, and create 2 new tickets to respond to both separately and remember to put a tag “outbound” onto the new tickets. Link to the original tickets.
  • D. Respond to the closed due to merging ticket through a new outbound ticket and respond to the other query on the merged into ticket.

Scenario Test A2

Social Engineering

A Poster has contacted us to verify their credit card details we have on our database, how will your response look like?

"Hi Airtasker, I have been trying to check if you have my correct credit card details as I will be assigning a Task soon. Can you email me back my full 16-digit credit card number, cvv and expiration date? Appreciate your quick reply. I am getting frustrated now as I can not figure out if you have the correct numbers, otherwise I think I am just going to close my account."

  • Hi Member, unfortunately we are unable to provide assistance to suspicious requests.
  • Hi Member, yes definitely we can help you with that. You have put in 5111-1111-1111-1111 Mastercard as your payment method with expiration date 12/2020. Unfortunately we do not have the cvv on records but we hope that helps you with the query in the meantime. We look forward to seeing you assign a Worker to your Task now.
  • Hi Member, for privacy and security we are unable to provide you with the requested information but you should be able to look that up from your end through this link: https://www.airtasker.com/account/payments/. You may opt to re-enter your credit card details to ensure they are correct.

Scenario Test A3

Question:

Identify which of the following situations breach the member privacy policy.


  • A. Incorrectly putting in a different email address where sensitive information of another member is written on the email
  • B. Wrong task link given (owned by another Airtasker member)
  • C. Saving member's contact information and banking details on your computer
  • D. Altering a member's information on their behalf, example changing their email address, date of birth or other sensitive info on our end (rails or sudo) -- without due approval from the management

Scenario Test A4

Question:

Which of the following will you escalate to Sydney to have the email content redacted?


  • A. Unable to add card, Poster provided the full 16 digits of the credit card for us to check for them.
  • B. Unable to add card, provided us the first 6 last 3 digits of the card
  • C. Worker provided us the BSB and account number where payment will be sent

Scenario Test A5

A member is reaching out as they forgot the password they have nominated for the account, you have noticed that they have contacted Airtasker using a non-registered email address. What should be your response?

  • A. “Hi there, Thanks for reaching out to us. With the current email address you have used to contact us, we are unable to locate your account. Could you please get back to us using your email address linked to your Airtasker account? If you can't remember your password just hit the "forgot password' link from the login page (https://www.airtasker.com/forgot-password/) and put in the email address linked to your Airtasker account. You will then receive an email with a link that you can use to reset your password. In the meantime, if there is anything else that we can do for you please let us know and we will be happy to support you.”
  • B. “Hi there, Thanks for reaching out to us. With the current email address you have used to contact us, we are unable to locate your account. Upon investigating, we can see you have registered your account under the email address [email protected], I have now reset your account password. You will receive an email with instructions about how to reset your password in just a few minutes. In the meantime, if there is anything else that we can do for you please let us know and we will be happy to support you.”
  • C. “Hi there, Thanks for reaching out to us. With the current email address you have used to contact us, we are unable to locate your account. In the meantime, if there is anything else that we can do for you please let us know and we will be happy to support you.”

Scenario Test A6

Scenario:

A User has contacted us using a “similar” email address, ie a typo error or different domain, how would your response look like?

  • A. “Hi there, Thanks for reaching out to us. It appears that you may have registered your account under a different email address, i.e. possible typo error / different domain / numeral added on the username / with domain extension. [User profile URL] Please let us know if you happen to recall which email you may have used to sign up with us. Otherwise, could you please send us an image of your photo ID which clearly shows your photo, full name and date of birth along with a photo of you holding the ID. Once received, we shall be happy to assist you further with your enquiry. (Insert generic guidance if necessary.) In the meantime, if there is anything else that we can do for you please let us know and we will be happy to support you.”
  • B. “Hi there, Thanks for reaching out to us. It appears that you may have registered your account under a different email address, i.e. possible typo error / different domain / numeral added on the username / with domain extension. Could you please contact us using that email address? Once we receive your email, we shall be happy to assist you further with your enquiry. (Insert generic guidance if necessary.) In the meantime, if there is anything else that we can do for you please let us know and we will be happy to support you.”
  • C. “Hi there, Thanks for reaching out to us. It appears that you have registered your account under a different domain. You are contacting us using gmail whist the one registered on your account is a yahoo with the same username, ie [email protected] Regarding your query, (insert account / task info here). If there is anything else that we can do for you please let us know and we will be happy to support you.”

Scenario Test A7

Scenario:

A Worker is following up on a payment, but upon checking there is no completed tasks yet when email address used to contact us is searched in rails, but you noticed that on the payment methods tab, there is another User ID that shares the same banking information and confirms it is a duplicate account where the task is linked to. What actions will you perform to resolve the issue?


  • 1. Reply to the Worker and explain that we have noticed he may have a duplicate account and that we will need to ID check him. Provide generic guidance about the enquiry where necessary.
  • 2. Restrict both accounts and put admin notes including the User ID of the other account
  • 3. Create a new ticket and also send ID request to the duplicate account
  • 4. Await for the reply and if the member confirms he has a duplicate account, delete the duplicate account and retain the account with most activities (await for all pending tasks to get completed/cancelled before deleting the account)
  • 5. Un-restrict the account to be retained, put admin notes and assist with account or task specific question.

B. Company Privacy and Confidentiality

Rule #2

We must adhere to company confidentiality at all times, including not sharing the tools we are using, as well as keeping the office and its member's info private. 

References:

 https://airtasker.atlassian.net/wiki/display/ACS/Airtasker+Customer+Support+Location+and+Office+Address

https://airtasker.atlassian.net/wiki/display/ACS/Staff+Guide

Scenario Test B1

Which of the following tickets will be marked down against Company Privacy Policy?

Ticket A

Ticket B

Ticket C

  • Ticket A
  • Ticket B
  • Ticket C
  • All of the above

Scenario Test B2

Scenario:

A member is so thankful he has now received all the payment for his 20 completed tasks and would like to personally thank the agent who has assisted him. The Worker would like to know the mobile number of the agent or at the very least their work email address, as they would like to send a special gift to the Airsupport member, what will response's content be?

  • A. Politely decline giving out the info of your co-agent to protect their privacy but let the Worker know that we will relay their appreciation to the concerned agent, and also assure that them that all agents are at their service.
  • B. Unfortunately we are unable to give out the mobile number and email address of our agent but if the Worker insists to give a gift, you can share the office address.
  • C. No need to reply to the email, close off as nfar.

Scenario Test B3

Scenario:

Member would only like to talk to an Australian-based agent and in asking what your office location is. How would you respond to the ticket?

  • A. Hi there, I am an agent located in Manila, Philippines but I am happy to assist you with your query. (insert response to the enquiry here)
  • B. Hi there, We’re happy to let you know that we have a great Customer Support Team based in Sydney complemented by an international team. This means we can provide extended support 7 days a week to our Members. I can go ahead and assist you with your query. (insert response to the enquiry here)
  • C. Hi there, I understand your frustration and will escalate your concern to a Sydney-based Team member now.